© 2010 The PowerTech Group, Inc.
All Rights Reserved
Verify object signatures during restore
PowerTech recommended setting: 3 or 5
Importance: Medium
Purpose: Allows you to verify the signatures of objects that are restored to the system. Helps prevent the loading of malicious software on the system. "3" is the default value at V5R3 and the recommended value.
The following are possible options:
1 = Do not verify object signatures on restore. Restore all objects.
2 = Verify object signatures on restore; allow restore of objects without signatures and with signatures that are not valid.
3 = Verify signatures on restore. Restore unsigned commands and user-state objects. Restore signed commands and user-state objects only if signatures are valid.
4 = Verify object signatures on restore; Does not restore unsigned user-state objects. Restores signed user-state objects, even if signatures are not valid.
5 = Verify object signatures on restore; do not allow restore of objects without signatures or with signatures that are not valid. This is the strictest security setting.
Risks and Concerns: While Option 5 is the strictest setting, it may prevent the loading of many legitimate, valid third party application software programs.
System values play an important role in restore operations. If you have further questions, the IBM System i Information Center provides several documents on how to plan and configure the system values that affect a restore operation.
© 2010 The PowerTech Group, Inc.
All Rights Reserved